Poste.io Mailserver

Pat · February 18, 2023, 3:43pm

1. Caddy version:

V2.5.2 (use old version because of SSL issues with latest version, but I don’t want to solve this issue,… it’s too much work for me)
You can check this issue with caddy 2.5.2 and this guide: https://www.reddit.com/r/selfhosted/comments/shvkkb/reverse_proxy_client_certificates_for_dummies/?utm_source=share&utm_medium=ios_app&utm_name=iossmf)

Same posteo with latest caddy 2.6.4 (docker)

2. How I installed, and run Caddy:

Docker

a. System environment:

Debian 11

b. Command:

c. Service/unit/compose file:

Caddy docker-compose.yml

version: "3.7"

networks:
  net:
    driver: bridge

services:
  caddy:
    image: caddy:latest
   #image: caddy:2.5.2
    container_name: caddy-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /dockerdata/caddy/Caddyfile:/etc/caddy/Caddyfile
      - ./data:/data
      - ./config:/config
      - ./www:/srv
    labels:
      - "com.centurylinklabs.watchtower.enable=false"
    mem_limit: 150m

    networks:
      default:
        ipv4_address: 172.30.0.2

Caddyfile:

mail.url.com {
        reverse_proxy http://mailserver:80
}

Poste_io docker-compose.yml:

version: "3"

services:
  mailserver:
    image: analogic/poste.io
    container_name: mailserver
    hostname: mail
    domainname: mail.url.com
    ports:
      #- "80:80"    # Webmail/Admin
      - "25:25"    # SMTP  (explicit TLS => STARTTLS)
      - "465:465"  # ESMTP (implicit TLS)
      - "587:587"  # ESMTP (explicit TLS => STARTTLS)
      - "143:143"  # IMAP4
      - "993:993"  # IMAP4 (implicit TLS)
    volumes:
      - ./mail:/data
      - ./mail/webmail/plugins:/opt/www/webmail/plugins
      - ./mail/webmail/config:/opt/www/webmail/config
      - /etc/localtime:/etc/localtime:ro
    environment:
      - TZ=Europe/Berlin
      - HTTPS=OFF
      - VIRTUAL_HOST=mail.url.com
      - VIRTUAL_PORT=80
      - DISABLE_CLAMAV=FALSE
    restart: always

Now I create a network “caddyposteo” (prefer ip without network but this doesnt work)
docker network create caddyposteo
connect booth caddy and posteo together

Now I can reach https URL/admin with ssl from caddy container.
After configuring admin pannel and switch to https URL/webmail I receive 500 error.
In poste_io documentation they wrote I should forward .well-known to poste_io docker container,… but I had no success.

A working config is this one:
(It’s for a old caddy version)
=> URL:gist.github.com/MrDrMcCoy/fa79582c02f87ea50792056f0e06822f

d. My complete Caddy config:

3. The problem I’m having:

Posteio has a integrated nginx with cert generation via le . The issue is, it works standalone via 80/443 but I did not find a way to create a working Caddyfile (for caddy2).

I tried in docker from posteio port change and so on but all without success.

Receive always 500/502

I would like to proxy_redirect to poste.io via ip and port and not via connected network (so no https://mailserver:443, would like to do it like vaultwarden via ip and port.)

4. Error messages and/or full log output:

5. What I already tried:

=> Poste.io documentation

6. Links to relevant resources:

francislavoie · February 18, 2023, 3:49pm

That’s an old version – please upgrade to the latest, v2.6.4.

Please completely fill out the help topic template, as per the forum rules. It’s necessary so that we can properly help you.

francislavoie · February 19, 2023, 1:33pm

What issues? You’ll need to elaborate.

A 500 error is a problem with the upstream app, not Caddy.

Caddy handles all /.well-known/acme-challenge requests itself because it is itself an ACME client.

You didn’t post your logs for Caddy. Please do so, it’s necessary to understand what’s going on.

francislavoie · February 19, 2023, 2:42pm

Pat:

caddy logfile for mail.url.com/webmail

{“level”:“error”,“ts”:1676816828.2539454,“logger”:“http.log.access.log29”,“msg”:“handled request”,“request”:{“remote_ip”:“91.20.200.21”,“remote_port”:“61654”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“mail.url.com”,“uri”:“/webmail/”,“headers”:{“Sec-Ch-Ua-Mobile”:[“?0”],“Accept-Language”:[“de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6”],“Cookie”:,“Sec-Ch-Ua”:[““Chromium”;v=“110”, “Not A(Brand”;v=“24”, “Microsoft Edge”;v=“110””],“Dnt”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-User”:[“?1”],“Sec-Fetch-Dest”:[“document”],“Upgrade-Insecure-Requests”:[“1”],“Purpose”:[“prefetch”],“Sec-Ch-Ua-Platform”:[““Windows””],“Accept-Encoding”:[“gzip, deflate, br”]},“tls”:{“resumed”:true,“version”:772,“cipher_suite”:4867,“proto”:“h2”,“server_name”:“mail.url.com”}},“user_id”:“”,“duration”:0.054955663,“size”:0,“status”:500,“resp_headers”:{“Server”:[“Caddy”,“nginx”],“Content-Type”:[“text/html; charset=UTF-8”],“Date”:[“Sun, 19 Feb 2023 14:27:08 GMT”]}}

That 500 status error is coming from upstream, not from Caddy.

This is pretty clearly telling you the PHP code wasn’t successful because of a problem with your DB config.

system · March 21, 2023, 4:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.